The National Institute of Standards and Technology (NIST) has announced its first three post-quantum cryptographic algorithms, which will be able to safeguard data even in the event that quantum computing advances to the point that today’s cryptography can be broken.
“The official publication of these algorithms marks a crucial milestone to advancing the protection of the world’s encrypted data from cyberattacks that could be attempted through the unique power of quantum computers, which are rapidly progressing to cryptographic relevancy. This is the point at which quantum computers will harness enough computational power to break the encryption standards underlying most of the world’s data and infrastructure today,” IBM, who developed two of these new standards, wrote in a statement.
RELATED: What NIST’s newly approved post-quantum algorithms mean for the future of cryptography
According to NIST, experts predict that we may reach that point of cryptographic relevancy within the next decade. This set of three new algorithms use different math problems that even a quantum computer would have trouble solving, NIST explained.
These new algorithms are part of NIST’s post-quantum cryptography (PQC) program, and today’s news comes eight years after NIST first announced a call for proposals asking for standards and strategies for securing information in a quantum world.
“Quantum computing technology could become a force for solving many of society’s most intractable problems, and the new standards represent NIST’s commitment to ensuring it will not simultaneously disrupt our security,” said Laurie E. Locascio Under Secretary of Commerce for Standards and Technology and NIST Director. “These finalized standards are the capstone of NIST’s efforts to safeguard our confidential electronic information.”
NIST is also still evaluating two other sets of algorithms, and plans to select one or two of them by the end of the year. The first set contains algorithms with a different type of math problems than the selected one, and the second set contains algorithms that are designed for digital signatures.
In addition, NIST expects to announce 15 algorithms that it received during a second call for proposals in 2022.
However, even though NIST is still approving additional algorithms, it says that they consider them as backups and recommends technologists not postpone using the three that have already been announced.
“We need to be prepared in case of an attack that defeats the algorithms in these three standards, and we will continue working on backup plans to keep our data safe,” said Dustin Moody, a NIST mathematician who heads the PQC program. “But for most applications, these new standards are the main event.”
Tom Patterson, emerging technology security lead at Accenture, believes that this announcement “marks a pivotal moment in our cybersecurity landscape. As quantum computers emerge, they present a significant risk to our current encryption methods. Organizations must assess their quantum risk, discover vulnerable encryption within their systems, and develop a resilient cryptographic architecture now.”
You may also like…
Q-Day prepping: What businesses can do now to address quantum security risks
Forrester shares its top 10 emerging technology trends for 2024